AccessRules can't safely be used for security

Bug #142878 reported by Jamie Heilman
Affects: Zope 2
Status: Fix Released
Importance: High
Assigned to: Tres Seaver
Milestone: 2.12.7

Bug Description

Because anybody can use the _SUPPRESS_ACCESSRULE traversal hack to turn
off AccessRules they aren't safe to use for security. My concern is,
given the name of the object, that people will use it incorrectly.
Seeing as there really isn't any value in letting anonymous users
disable AccessRules on a whim, I think the traversal hack should be
removed entirely. The environment variable disabling semaphore is safer.

@@
     def __call__(self, container, request):
         if SUPPRESS_ACCESSRULE: return
- if '_SUPPRESS_ACCESSRULE' in _swallow(request, '_SUPPRESS'):
- request.setVirtualRoot(request.steps)
- return
         NameCaller.__call__(self, container, request)

-def _swallow(request, prefix):
- path = request['TraversalRequestNameStack']
- steps = request.steps
- i = len(steps)
- while i > 0 and steps[i - 1][:1] == '_':
- i = i - 1
- while path and path[-1][:len(prefix)] == prefix:
- steps.append(path.pop())
- return steps[i:]
-
 def manage_addAccessRule(self, method_id=None, REQUEST=None, **ignored):
     """Point a __before_traverse__ entry at the specified method"""
     # We want the original object, not stuff in between, and no acquisition
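Review bot: with `_swallow` gone, a pending path element such as `_SUPPRESS_ACCESSRULE` is no longer popped off `TraversalRequestNameStack` and appended to `request.steps`; it is now handed to ordinary traversal like any other name, which is what the report asks for, so please add a test asserting that a request whose path contains `_SUPPRESS_ACCESSRULE` still has the access rule run against it. In the same change, drop the equivalent URL-based suppression in Products.SiteAccess.SiteRoot that the thread mentions and grep for any remaining references to `_swallow` or `_SUPPRESS_ACCESSRULE` (help text included), since nothing else in this hunk removes them. The process-wide `if SUPPRESS_ACCESSRULE: return` check is correctly kept as the only off switch, which is the safer environment-variable semaphore the reporter recommends.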

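The bypass the report describes, as an added example that is neither the reporter's patch nor Zope's own code: a minimal Python model of the `__before_traverse__` hook with the pre-patch and post-patch behaviour side by side. `FakeRequest`, `rule_fires`, `AccessRuleBefore` and `AccessRuleAfter` are constructed stand-ins for ZPublisher's request object and for `AccessRule.__call__` (the real hook is registered on a container via `__before_traverse__`; that plumbing is left out); `_swallow` reproduces the logic of the helper the patch deletes, and the `suppress` parameter stands in for the import-time `SUPPRESS_ACCESSRULE` environment check so both behaviours can be compared without touching the environment.

```python
import os

# Process-wide off switch kept by the patch. Zope reads it once at import
# time; the hook classes below also accept it explicitly for testing.
SUPPRESS_ACCESSRULE = bool(os.environ.get('SUPPRESS_ACCESSRULE'))


class FakeRequest:
    """Constructed stand-in for ZPublisher's HTTPRequest (not Zope code).

    Zope keeps the path elements still to be traversed, reversed, in
    request['TraversalRequestNameStack'] (the next name is at the end)
    and the names already traversed in request.steps.
    """

    def __init__(self, url_path):
        names = [n for n in url_path.split('/') if n]
        self._stack = list(reversed(names))
        self.steps = []
        self.virtual_root = None

    def __getitem__(self, key):
        if key == 'TraversalRequestNameStack':
            return self._stack
        raise KeyError(key)

    def setVirtualRoot(self, steps):
        self.virtual_root = list(steps)


def _swallow(request, prefix):
    # Same logic as the helper the patch deletes: pop every pending path
    # element that starts with `prefix` onto request.steps and return the
    # trailing run of '_'-prefixed steps.
    path = request['TraversalRequestNameStack']
    steps = request.steps
    i = len(steps)
    while i > 0 and steps[i - 1][:1] == '_':
        i = i - 1
    while path and path[-1][:len(prefix)] == prefix:
        steps.append(path.pop())
    return steps[i:]


class AccessRuleBefore:
    """The __before_traverse__ hook as it behaved before the patch."""

    def __init__(self, rule, suppress=SUPPRESS_ACCESSRULE):
        self.rule = rule
        self.suppress = suppress

    def __call__(self, container, request):
        if self.suppress:
            return
        # The bypass: any client, authenticated or not, can put
        # _SUPPRESS_ACCESSRULE in the URL and the rule never runs.
        if '_SUPPRESS_ACCESSRULE' in _swallow(request, '_SUPPRESS'):
            request.setVirtualRoot(request.steps)
            return
        self.rule(container, request)


class AccessRuleAfter:
    """The hook after the patch: only the environment switch disables it."""

    def __init__(self, rule, suppress=SUPPRESS_ACCESSRULE):
        self.rule = rule
        self.suppress = suppress

    def __call__(self, container, request):
        if self.suppress:
            return
        self.rule(container, request)


def rule_fires(hook_class, url_path, suppress=False):
    """Return True if the access rule ran for a request to `url_path`."""
    fired = []

    def rule(container, request):
        # A real access rule would set a virtual host root, redirect or
        # deny access; here it only records that it ran.
        fired.append(True)

    hook = hook_class(rule, suppress=suppress)
    hook('site', FakeRequest(url_path))
    return bool(fired)


if __name__ == '__main__':
    for cls in (AccessRuleBefore, AccessRuleAfter):
        for path in ('/secret', '/_SUPPRESS_ACCESSRULE/secret'):
            print(cls.__name__, path, 'rule ran:', rule_fires(cls, path))
```

Running it shows the pre-patch hook skipping the rule for `/_SUPPRESS_ACCESSRULE/secret` while the post-patch hook runs it for every path and can only be silenced by the process-wide switch, which an anonymous client cannot reach.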
Revision history for this message
Tres Seaver (tseaver) wrote :

I agree that stripping out the URL-based suppression is the right thing to do here.

We also need to rip out the equivalent code inside Products.SiteAccess.SiteRoot.

Changed in zope2:
assignee: nobody → Tres Seaver (tseaver)
importance: Medium → High
status: New → Confirmed
Revision history for this message
Jürgen Herrmann (xlhost) wrote :

+1, rip it out.

Tres Seaver (tseaver)
Changed in zope2:
status: Confirmed → In Progress
Revision history for this message
Tres Seaver (tseaver) wrote :

Fix committed to the 2.12 branch and the trunk.

Changed in zope2:
milestone: none → 2.12.7
status: In Progress → Fix Committed
Changed in zope2:
status: Fix Committed → Fix Released